Slashdot Mirror
What Advice For a Single Parent As Server Admin?
Dragon_Eater, with "lots of experience setting up PCs and a passable knowledge of Linux but severely lacking in the server/client department,"
writes with a situation that probably faces a lot of parents:
I want to set up three kids, 12, 14, and 15, with newer computers so they will stop fighting for time on the one ten-year-old Dell they share now. I can get the individual computers and a server put together without any problems, but the computer-handicapped single parent needs to be able to do the following via an simple application/web page: View client computer status, On/off, sleeping etc.; Deny Internet access, not LAN, just the web; Schedule time usage of computer, ex. 7 am to 10 pm on school nights etc.; Force log-out and/or shutdown of clients, for grounding purposes; and Apply some kind of firewall filter for blocking undesired web content. And as the administrator for this network I would like the following options: Remote virus scanning of client machines, or scheduled task; Some kind of hardware monitor, high temp / fan speed low etc.; and Email alerts for various log files / alarms.
Given the lists above I am thinking about a Linux-based router/server machine and running Windows on the clients for game compatibility. I also know that a server and network boot client is possible but not sure where to start on that one."
you got a whole deal of connectivity/administration project there. quit your day job.
Read radical news here
Most of what you described can be done with a decent modern router. The hardware monitoring is a bit overboard, logs will tell you what you need to know in the event of a disaster. The force log out could be done via router too, just deny internet. Alot of this can be done with very little technical effort and more parenting skill. Most of this is going to take a dedicated person to monitor it over the course of the installation.
Good-bye
It's amazing what kids can figure out when it comes to getting by the restrictions their parents set forth.
They're going to learn about networking, proxies, virtual machines, ip spoofing etc. All because they want to get on Facebook. Which they will.
the simplest and most effective block is to go over and shut the computer off. Take away the computer if you have to (or just the cords if that's too much trouble).
Where to start: Scrap all your ideas and start over.
Yes, everything you asked for can be done. The reality is though is that, with the amount of complexity you are asking for, you will be a full time sysadmin for them - you might as well quit your day job now.
Your setup is simply too complex for a non-techie (and to be honest, as a techie, I don't want to have to admin something that complex at home). You need to stop asking "can I" and ask "should I?"
Windows PCs joined to active directory can let you manage them, set logon hours, etc.
Why do you care to know if the PCs are sleeping/on/off/whatever?
A router running DD-WRT will let you deny internet access based on hours and/or PCs in a simple manner. To be perfectly honest, I hate the concept of internet filtering (by parents or otherwise) as I believe it is another step toward turning people into drones, rather than teaching them to think for themselves, so I'm not even going to offer any suggestions on that subject.
I agree with the other posters, the system you have suggested will end as follows:
1. The kids will learn how to hack around it. This can be a good thing or bad thing, depending on your point of view
2. The system is so complex it will never work and the parent will never use it as they have no clue
3. You will grow to hate it as it will take too much of your time.
I'm doing something similar but in our family, we've got a 7 and an 8 year old and a 3 year old, so it's a different "ball game".
In our situation, I don't bother trying to put Linux on any of their machines. I've found that for the younger kids, the vast majority of their time spent playing anything Internet/web-based involves Shockwave Flash based sites (or sites using other proprietary 3D player plug-ins). Unfortunately, nothing runs this stuff quite as well as either a Windows XP (or later) OS, or a newer Mac running a recent version of OS X.
I found a free add-on for Firefox called Kidzui that was pretty nice. It basically turns the browser into a "kids' browser" that has a "home page" with good suggested sites for them to visit, and lets them click and explore around in a big collection of known "kid safe" web sites. Basically, it doesn't allow going anyplace except sites they pre-approved, but they make the whole experience feel like the kid is just getting around the net without restrictions. Additionally, it can email the parent weekly stats on the sites they spent the most time using, etc.
If you're using a Mac, OS X has pretty nice parental controls built into the OS for things like not allowing use of the machine after certain hours. I didn't find Windows had nearly as nice of capabilities for that, out of the box (though Windows 7 was closer than any previous version of Windows to offering it).
Honestly, I'm not that "sold" on putting forth the effort of setting up a lot of centralized administration and maintenance for the machines on a small home network (like for 3 kids). You may as well put free anti-virus/spyware software on each computer and let them auto update themselves independently. The products that support centralized management of the AV software tend to be expensive and/or buggy. (You get weirdness like one box that gets out of sync with the server console, so you have to mess with things to get them to both be on the "same page" about the workstation's status again.)
If anything, I think it'd be worthwhile to image the drives of all the machines, once they're freshly set up with the OS and applications and configuration defaults you like. Then, if one gets screwed up, you can just wipe its drive and re-image at will from your network server. Typically, on a kids' PC, they don't have that much important data to worry about losing anyway. If they're doing most things on the net, the sites they use are saving their high scores, user profiles, and such.
As a parent, you are supposed to exert some control over your children. That is why they are called children... That are not yet adults, and are not yet expected to show adult responsibility.
Where N is the number of computer users and you want them in a shared space, not in each child's room. Providing each child a personal computer, especially in his room, is a guarantee that any kind of interaction between you and your kids and between themselves will end. Ensuring computer "scarcity" will force you and, more importantly, your kids to interact with each other. It may even force you and your kids, gasp, to share a computer.
This also has a couple side benefits:
1. There are no "secrets" on the computers so you have no need for the tight monitoring and/or policing you seem to think you want.
2. Virus infections become a shared painful experience with obvious lessons being learned on how to avoid it the next time.
HW monitoring is kind of pointless as it won't tell you anything.
This only leaves you with a couple problems to deal with:
1. backup - there are plenty of backup solutions out there. Generally, you'll want some kind of external drive setup with automated user data backups.
2. virus recovery - If you like anti-virus software, use it. However, you should probably also keep a fresh install method handy so you can simply re-install without having to deal with the mess (this is where a good backup becomes very important). Taken a step further and to save lots of time you could have all your machines running VM hosted Windows images. Then when one of the images gets infected or otherwise "goes bad" you simply revert to the latest and greatest clean VM image (user data backup is still very important).
Both Windows 7 and OSX have parental controls that enforce usage times in a per-account basis, which apps can be run from these accounts, which sites can be accessed, etc. I have been using these with OSX (a good write up at http://theappleblog.com/2009/01/13/kid-proofing-a-mac-with-parental-controls/) with my 11-year old autistic boy and they couldn't be any simpler. He can only log into the machine at certain times, and I have the option to set a maximum session time per day. He can only run apps that I approve, and can go to sites only if I explicitly allow them. The bad news is that, at least in OSX, Firefox doesn't respect the parental control settings (Safari does it fine).
I checked with Windows 7 and the parental controls seem to be pretty similar. More at http://www.microsoft.com/windows/windows-vista/features/parental-controls.aspx
My only real annoyance is that Youtube doesn't have real content rating, which makes it a pain to filter properly. My son loves to make balloon sculptures and is always checking for new video tutorials, the problems is that while looking for these, he runs into the videos of the balloon popping fetishists. One second I am hearing a video explaining how to twist balloons into a roadrunner, next I hear a 300-pound woman in a bathing suit giggling and sitting on balloons to pop them. Gross.
Pedro
----
The Insomniac Coder
I remember when I was a teenager.
My dad added a power on password on the basis that he utterly detested games.
The problem was he didn't even give it to my mother.
Of course one day I actually needed to print something in a fucking hurry and he couldn't be contacted so I solved the problem with a screwdriver and the motherboard manual.
Which brings up the problem of physical access.
All the software in the world is pointless if the teenager can simply swap some network cables.
This does most of what you want out of the box.
There is a nice admin interface where you can create profiles based on day of week, per MAC etc. Block certain keywords.
I am having a laugh riot at the idea of a household consisting of a single parent, a 12 year old, a 14 year old, and a 15 year old being run as a democracy.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Keeping an eye on your kids is not the same thing as having a totalitarian regime. I think that logging what your kids do and when is completely acceptable. Whether you reveal this information to them or not is a different story.
When I was a teenager, I got in all kinds of mischief. It turns out that my parents knew about pretty much all of it, but I did not know about this at the time. They didn't interfere unless they thought that I was getting into something over my head... like when I became very depressed, for a long period of time, and I bought myself a bottle of sleeping pills. That was an important intervention.
Children have no right to privacy. Teenagers chafe at the idea, of course, but the fact is that they are children, and good parenting means making decisions that are in their best interests, not their greatest desires. When they're able to weigh their actions with the consequences of those actions (i.e., becoming an adult), then they get privacy.
When your daughter starts googling birth control, it's time to have a chat.
So you are ok with your kids being on AIM all day looking for older guys who make them feel special? Or surfing porn all day? Or, even doing what you want and accidentally running across goatse guy? He's not looking to be the gestapo. He's looking to have some basic protections in place to protect his children from the unsavory parts of the Internet, and to make sure that they don't abuse the priviledge of having a computer in their rooms.
Sure, he could fix this by doing what he does now, having one computer for all three in a public place. But he's trying to improve their access, not limit it. And he just wants to make sure that improvement isn't abused.
Learn to love Alaska
Number one priority is figure out the exit plan.
In "about three years" by yer own figures, the oldest is going to be utterly and completely totally free, at college or whatever. In less than a year, total freedom for limited time periods behind the wheel, visiting stores and other peoples houses, etc.
Building a better cage is not going to help the kids relate, when they're finally released/paroled into society.
Which kids have the biggest problems at 14? The kids of "anything goes" parents. Which kids have the biggest problems at 19? The kids of overprotective parents. On average, 14 year olds can get into less trouble than 19 year olds. So, teach them responsibilities of freedom at 14 with your guidance, not 19 and alone.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
The thing is, the requirements are extra-detailed and a little anal, which make them seem over-the-top, but they basically boil down to:
(1) Restrict internet usage to normal times so the kids don't stay up until three am on a school night. Reasonable.
(2) Revoke access as a punishment. Kids have been getting grounded for how long?
(3) Block access to some sites. Entirely reasonable if you're talking really bad sites or malware infected stuff. It doesn't necessarily equate to some active proxy reading their facebook posts. Besides, I'm sure the kids don't want to see goatse any more than you.
I'm sure plenty of good parents keep guns in a safe and liquor in a locked liquor cabinet. Obviously a gun or booze is more dangerous than the internet, I'm not trying to equate them, but there are advantages to a layered system of trust. Technology and good parenting aren't mutually exclusive.
Can you construct some sort of rudimentary lathe?
The parent is described as "computer-handicapped", so let's put it in terms he or she will understand: Consider, instead those old-fashed toys of yesteryear. Or consider the TV which many kids of my generation had in their rooms.
Could you imagine a parent asking that his children's toys will automatically stop working on 10pm? Or that his TV cannot be turned on when the child is grounded, or perhaps show only certain channels at certain times? Or the toys checking themselves and letting the parent know when one of them gets broken?
This is all ridiculous, of course. With toys and TV you simply couldn't even imagine doing this. With a computer you can *imagine* doing it, but it doesn't mean it makes sense to do it. A child will always find ways to break such technological rules, especially if the parent is so-called "computer-handicapped".
I'd suggest that if you're only having the chat after your daughter starts googling birth control, you've probably left it a little late.
AND, to continue singing the praises of ClearOS as the perfect solution to the server/gateway side of OP's requirement, it includes among other thigs:
- an email gateway/server
- proxy server with content filtering
- protocol filtering (mommy/daddy can limit those pesky torrents or set up time based filters to gaming servers) He could even give some protocols bandwidth priority at certain times of day - more gaming over weekends, more http at other times.
- shared folders for users
Heck there are tons of features, some not really needed but others perfect.
and lots more. ClearOS would be the best to use, also there is an active forum where OP can ask for assistance, and $singleparent can sign on for help.
Heck OP can log into the server remotely and assist with any issues requests that might show up.
Seven Days with Ubuntu Unity
This is all awesome stuff, but really when confronted with all of this I would just go next door or go to the library to look up what I wanted on the net and email whoever I pleased (facebook etc..) and so will these kids.
limiting Kids is not going to teach them anything you have to educate to do the right thing.
It said "windows 98 or better" so I installed Linux
No it's not.
It is more like; take a active interest in your kids lives, talk to them even about the hard subjects. Let them learn from your experiences and mistakes. Don't rely on technology, other people and laws to do your job for you.
Bring up kids _IS_ the hardest/most rewarding thing you (or anyone) will ever do.
It said "windows 98 or better" so I installed Linux